Edge Network Security

Certified Edge Security To Protect Devices And Their Networks

Secure The Edge To Protect The Core

Ultra offers the most flexible certified edge network segmentation solutions to protect devices and computing resources. Wired, Wireless, or Embedded – Ultra edge encryption includes tunnels, gateways, and deep packet inspection for any environment.

Certified For Critical Use

FIPS 140-2 certified Ethernet and WiFi connectivity for any environment, including federal and critical infrastructure use. Ultra’s edge security products provide FedRAMP compliance for IoT device networks and Commercial Solutions for Classified (CSfC) operation.

Flexible Solutions, Rigid Security

Securely connect your wired and wireless devices through VPN (L3) or VLAN (L2) encryption, with Deep Packet Inspection and port authentication within an easily extensible design. Ultra offers a complete command & control interface network protection in your embedded device.

Edge Network Security Solutions

Connected controllers and sensors are redefining operations across cities, bases and battlefields. As the number of devices increase, so does the threat of a cybersecurity attack. Ultra offers certified IT network segmentation equipment to secure data while protecting devices and infrastructure.

FedRAMP (Federal Risk and Authorization Management Program), FISMA (Federal Information Security Management Act of 2002) and HITECH (Health Information Technology for Economic and Clinical Health Act) requires FIPS-140-2 validated encryption for all cryptographic functions. Ultra’s edge network solutions meet these requirements and more with the following certifications:

  • FIPS 140-2 Level 2
  • Common criteria (NIAP VID #11080 & #11103)
  • Commercial Solution for Classified (CSfC)
  • DoDIN APL
  • WiFi & FCC
  • MIL-STD-810E

Ultra’s Edge Network Security solutions are designed to secure information at the highest level, from Defence, Critical National Infrastructure to Commercial Assets. Ultra also provides support services for both architecture and deployment.

CyberFence

Award-winning hardware firewall designed to protect critical networks from vulnerable edge devices.  Low SWAP, MIL-STD-810E ruggedisation and power over Ethernet (POE) capabilities enable use in both enterprise and tactical environments.

Best Practice Security

  • IPsec/IKEv2 based VPN or VLAN (Layer 2) encryption
  • Deep Packet Inspection (DPI)
    • Industrial Control System Profile: BACnet, Modbus TCP, OPC,EtherNet/IP and DNP3 control protocols and inbound commands, as well as their origin
    • Custom profiles available
  • Port authentication
  • Several security certifications NIST FIP 140-2 level2, NIAP Common Criteria, Commercial Secret for Classified (CSfC), and DISA DoDIN-APL
  • Certified by Microsoft Azure Cloud and fully interoperable with AWS and Google Cloud VPN using AES-256 bit encryption and deep packet inspection (DPI)
  • Used by the U.S. State Department with AWC VPC and Google cloud for secured VPN
WiFiProtect

Enabling wireless communication encryption in the most challenging environments. WiFiProtect is a self-forming, self-healing, wireless mesh connectivity solution for maximum device access and protection. 

Key Features 

  • 11a/b/g/n operation
  • Single or dual channel configurations, adjustable transmit power
  • Validated by FIPS 140-2, NIAP Common Criteria Network Device Protection Profile, Commercial Secret for Classified (CSfC) and DISA DoDIN-APL to encrypt device information over radio
  • Multiple operating modes
    Client: Ethernet-to-WiFi connection for legacy devices requiring certified encryption
    Access Point: Enforce FIPS 140-2 algorithms for WiFi devices
    Mesh Point: Extend WiFi network range with multiple units for maximum perimeter coverage
    Mesh Access Point: Seamless device network connectivity from anywhere within the Mesh network
  • Risk Management Framework (NIST SP 800-37 Revision 1, DOD 8510.01) and associated control/control interpretations (NIST SP 800-53 Revision 4, CNSSI № 1253) are used for the assessment and authorization of mission systems

WiFiProtect offers uncompromised voice, video, and data communications in stringent and hard to reach environments. It reduces overhead and deployment costs without compromising fail-safe security levels. This is best suited for vast ranges of network topologies and dynamic tactical applications.

Edge Security Module

A standalone COMSEC module ideal for rapid development of secure wired and wireless communication capabilities.

The Ultra's Edge Security Module is designed for easy integration into vulnerable edge-devices, including IoTs, IoMTs, IIoT, without disrupting network operations in critical infrastructure and tactical communications systems used by military, government, and industrial customers.

NIST certifications can take 16 months or more to complete. The Edge Security Module accelerates your development with FIPS 140-2, Common Criteria, and DoDIN APL certified cryptographic functions all self-contained within its own tamper boundary, eliminating any need for recertification.

This includes all CPU, memory, peripheral interface modules, and control circuits for bump-in-wire/stack encryption

  • Ethernet, I2C, RS-232/422/486, and PCI / PCI Express interfaces for wired communication
  • Two independent channels for 802.11a/g/n (3x3 MIMO) wireless communications
  • Wireless Access Points: Client, Access, and Mesh modes supported
  • Encrypted VPN and VLAN, Deep Packet Inspection and Port Authentication capabilities available
  • Size: 2.7 in x 3.1 in x .2 in
  • Voltage Input: +5 - 12V DC
  • Power: 5.5W typical, 7.5W maximum
  • Samtec ERF8/ERM8 connectors
  • Real time clock

Ultra supports your team with expert custom carrier and radio card development, customisations and certification services.

Ultra’s Edge Network Module provides FIPS certified wired and wireless encryption in the following solutions:

  • Ultra CyberFence
  • Ultra WiFiProtect
  • 900 Mhz WiFi Solution
  • PacStar 464 Secure Wifi Access Point in support of US Marine Corps Networking On The Move (NOTM) program

Other Cyber capabilities

Contact us

Sign up for download access

Please submit your details below to access our downloads.

I'm happy for you to contact me

View our privacy policy
Not now